Add a fuzz target for `_elementtree.XMLParser._parse_whole` (#111477)

* Add a fuzzer for `_elementtree.XMLParser._parse_whole`
This commit is contained in:
Brad Larsen 2023-11-03 17:01:56 -04:00 committed by GitHub
parent df9815eb11
commit f21b23058e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
60 changed files with 623 additions and 0 deletions

View File

@ -0,0 +1,134 @@
tok_1="<"
tok_2=">"
tok_3="/"
tok_4="<![CDATA["
tok_5="]]>"
tok_6="<?xml"
tok_6a="?>"
tok_7="version"
tok_8="encoding"
tok_9="UTF-8"
tok_9a="UTF-16"
tok_9b="ASCII"
tok_9c="LATIN-1"
tok_9d="UTF-32"
tok_9e="UTF-7"
tok_10="\""
tok_11="&"
tok_11a="&#"
tok_11b=";"
tok_12="'"
tok_13="<!--"
tok_13a="-->"
tok_14="</"
tok_15="="
tok_16="&gt;"
tok_17="&lt;"
tok_18="&amp;"
tok_19="&apos;"
tok_20="&quot;"
tok_21="&#20013;"
tok_22="&#x4e2d;"
tok_23="&#0;"
tok_24="<!ENTITY"
tok_25="SYSTEM"
tok_26="PUBLIC"
tok_27="NDATA"
tok_28="["
tok_29="]"
tok_30="\\"
tok_30a="\\x00"
tok_31="0"
tok_32="1"
tok_33="2"
tok_34="3"
tok_35="4"
tok_36="5"
tok_37="6"
tok_38="7"
tok_39="8"
tok_40="9"
tok_41="iso8859_1"
tok_42="latin_1"
tok_43="us.ascii"
tok_43a="us_ascii"
tok_43b="ascii"
tok_44="xml:"
tok_45="surrogate"
tok_46="replace"
tok_47="strict"
attr_encoding=" encoding=\"1\""
attr_generic=" a=\"1\""
attr_href=" href=\"1\""
attr_standalone=" standalone=\"no\""
attr_version=" version=\"1\""
attr_xml_base=" xml:base=\"1\""
attr_xml_id=" xml:id=\"1\""
attr_xml_lang=" xml:lang=\"1\""
attr_xml_space=" xml:space=\"1\""
attr_xmlns=" xmlns=\"1\""
entity_builtin="&lt;"
entity_decimal="&#1;"
entity_external="&a;"
entity_hex="&#x1;"
string_any="ANY"
string_brackets="[]"
string_cdata="CDATA"
string_col_fallback=":fallback"
string_col_generic=":a"
string_col_include=":include"
string_dashes="--"
string_empty="EMPTY"
string_empty_dblquotes="\"\""
string_empty_quotes="''"
string_entities="ENTITIES"
string_entity="ENTITY"
string_fixed="#FIXED"
string_id="ID"
string_idref="IDREF"
string_idrefs="IDREFS"
string_implied="#IMPLIED"
string_nmtoken="NMTOKEN"
string_nmtokens="NMTOKENS"
string_notation="NOTATION"
string_parentheses="()"
string_pcdata="#PCDATA"
string_percent="%a"
string_public="PUBLIC"
string_required="#REQUIRED"
string_schema=":schema"
string_system="SYSTEM"
string_ucs4="UCS-4"
string_utf16="UTF-16"
string_utf8="UTF-8"
string_xmlns="xmlns:"
tag_attlist="<!ATTLIST"
tag_cdata="<![CDATA["
tag_close="</a>"
tag_doctype="<!DOCTYPE"
tag_element="<!ELEMENT"
tag_entity="<!ENTITY"
tag_ignore="<![IGNORE["
tag_include="<![INCLUDE["
tag_notation="<!NOTATION"
tag_open="<a>"
tag_open_close="<a />"
tag_open_exclamation="<!"
tag_open_q="<?"
tag_sq2_close="]]>"
tag_xml_q="<?xml?>"
encoding_utf="UTF-"
encoding_iso1="ISO-8859"
encoding_iso3="ISO-10646-UCS"
encoding_iso5="ISO-LATIN-1"
encoding_jis="SHIFT_JIS"
encoding_utf7="UTF-7"
encoding_utf16le="UTF-16BE"
encoding_utf16le="UTF-16LE"
encoding_ascii="US-ASCII"
encoding_latin1="latin1"

View File

@ -0,0 +1,4 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:c14n2="http://www.w3.org/2010/xml-c14n2" Algorithm="http://www.w3.org/2010/xml-c14n2">
<c14n2:IgnoreComments>true</c14n2:IgnoreComments>
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,3 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2010/xml-c14n2">
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,4 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:c14n2="http://www.w3.org/2010/xml-c14n2" Algorithm="http://www.w3.org/2010/xml-c14n2">
<c14n2:PrefixRewrite>sequential</c14n2:PrefixRewrite>
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,7 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:c14n2="http://www.w3.org/2010/xml-c14n2" Algorithm="http://www.w3.org/2010/xml-c14n2">
<c14n2:PrefixRewrite>sequential</c14n2:PrefixRewrite>
<c14n2:QNameAware>
<c14n2:QualifiedAttr Name="type" NS="http://www.w3.org/2001/XMLSchema-instance"/>
</c14n2:QNameAware>
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,8 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:c14n2="http://www.w3.org/2010/xml-c14n2" Algorithm="http://www.w3.org/2010/xml-c14n2">
<c14n2:PrefixRewrite>sequential</c14n2:PrefixRewrite>
<c14n2:QNameAware>
<c14n2:Element Name="bar" NS="http://a"/>
<c14n2:XPathElement Name="IncludedXPath" NS="http://www.w3.org/2010/xmldsig2#"/>
</c14n2:QNameAware>
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,6 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:c14n2="http://www.w3.org/2010/xml-c14n2" Algorithm="http://www.w3.org/2010/xml-c14n2">
<c14n2:QNameAware>
<c14n2:QualifiedAttr Name="type" NS="http://www.w3.org/2001/XMLSchema-instance"/>
</c14n2:QNameAware>
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,6 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:c14n2="http://www.w3.org/2010/xml-c14n2" Algorithm="http://www.w3.org/2010/xml-c14n2">
<c14n2:QNameAware>
<c14n2:Element Name="bar" NS="http://a"/>
</c14n2:QNameAware>
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,7 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:c14n2="http://www.w3.org/2010/xml-c14n2" Algorithm="http://www.w3.org/2010/xml-c14n2">
<c14n2:QNameAware>
<c14n2:Element Name="bar" NS="http://a"/>
<c14n2:XPathElement Name="IncludedXPath" NS="http://www.w3.org/2010/xmldsig2#"/>
</c14n2:QNameAware>
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,4 @@
<dsig:CanonicalizationMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:c14n2="http://www.w3.org/2010/xml-c14n2" Algorithm="http://www.w3.org/2010/xml-c14n2">
<c14n2:TrimTextNodes>true</c14n2:TrimTextNodes>
</dsig:CanonicalizationMethod>

View File

@ -0,0 +1,2 @@
<a b='01234567890123456古人咏雪抽幽思骋妍辞竞险韵偶得一编奇绝辄擅美当时流声后代是以北门之风南山之雅梁园之简黄台之赋至今为作家称述尚矣及至洛阳之卧剡溪之兴灞桥之思亦皆传为故事钱塘沈履德先生隐居西湖两峰间孤高贞洁与雪同调方大雪满天皴肤粟背之际先生乃鹿中豹舄端居闭门或扶童曳杖踏遍六桥三竺时取古人诗讽咏之合唐宋元诸名家集句成诗得二百四十章联络通穿如出一人如呵一气气立于言表格备于篇中略无掇拾补凑之形非胸次包罗壮阔笔底驱走鲍谢欧苏诸公不能为此世称王荆公为集句擅长观其在钟山对雪仅题数篇未见有此噫嘻奇矣哉亦富矣哉予慕先生有袁安之节愧不能为慧可之立乃取新集命工传写使海内同好者知先生为博古传述之士而一新世人之耳目他日必有慕潜德阐幽光而剞劂以传者余实为之执殳矣
弘治戊午仲冬望日慈溪杨子器衵于海虞官舍序毕诗部' />

View File

@ -0,0 +1,14 @@
<?xml version="1.0"?>
<?xml-stylesheet href="doc.xsl"
type="text/xsl" ?>
<!DOCTYPE doc SYSTEM "doc.dtd">
<doc>Hello, world!<!-- Comment 1 --></doc>
<?pi-without-data ?>
<!-- Comment 2 -->
<!-- Comment 3 -->

View File

@ -0,0 +1,11 @@
<doc>
<clean> </clean>
<dirty> A B </dirty>
<mixed>
A
<clean> </clean>
B
<dirty> A B </dirty>
C
</mixed>
</doc>

View File

@ -0,0 +1,18 @@
<!DOCTYPE doc [<!ATTLIST e9 attr CDATA "default">]>
<doc>
<e1 />
<e2 ></e2>
<e3 name = "elem3" id="elem3" />
<e4 name="elem4" id="elem4" ></e4>
<e5 a:attr="out" b:attr="sorted" attr2="all" attr="I'm"
xmlns:b="http://www.ietf.org"
xmlns:a="http://www.w3.org"
xmlns="http://example.org"/>
<e6 xmlns="" xmlns:a="http://www.w3.org">
<e7 xmlns="http://www.ietf.org">
<e8 xmlns="" xmlns:a="http://www.w3.org">
<e9 xmlns="" xmlns:a="http://www.ietf.org"/>
</e8>
</e7>
</e6>
</doc>

View File

@ -0,0 +1,13 @@
<!DOCTYPE doc [
<!ATTLIST normId id ID #IMPLIED>
<!ATTLIST normNames attr NMTOKENS #IMPLIED>
]>
<doc>
<text>First line&#x0d;&#10;Second line</text>
<value>&#x32;</value>
<compute><![CDATA[value>"0" && value<"10" ?"valid":"error"]]></compute>
<compute expr='value>"0" &amp;&amp; value&lt;"10" ?"valid":"error"'>valid</compute>
<norm attr=' &apos; &#x20;&#13;&#xa;&#9; &apos; '/>
<normNames attr=' A &#x20;&#13;&#xa;&#9; B '/>
<normId id=' &apos;&#x20;&#13;&#xa;&#9; &apos; '/>
</doc>

View File

@ -0,0 +1,12 @@
<!DOCTYPE doc [
<!ATTLIST doc attrExtEnt CDATA #IMPLIED>
<!ENTITY ent1 "Hello">
<!ENTITY ent2 SYSTEM "world.txt">
<!ENTITY entExt SYSTEM "earth.gif" NDATA gif>
<!NOTATION gif SYSTEM "viewgif.exe">
]>
<doc attrExtEnt="entExt">
&ent1;, &ent2;!
</doc>
<!-- Let world.txt contain "world" (excluding the quotes) -->

View File

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<doc>&#169;</doc>

View File

@ -0,0 +1,4 @@
<a:foo xmlns:a="http://a" xmlns:b="http://b" xmlns:child="http://c" xmlns:soap-env="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<a:bar>xsd:string</a:bar>
<dsig2:IncludedXPath xmlns:dsig2="http://www.w3.org/2010/xmldsig2#">/soap-env:body/child::b:foo[@att1 != "c:val" and @att2 != 'xsd:string']</dsig2:IncludedXPath>
</a:foo>

View File

@ -0,0 +1,3 @@
<foo xmlns:a="http://a" xmlns:b="http://b">
<b:bar b:att1="val" att2="val"/>
</foo>

View File

@ -0,0 +1,6 @@
<a:foo xmlns:a="http://a" xmlns:b="http://b" xmlns:c="http://c">
<b:bar/>
<b:bar/>
<b:bar/>
<a:bar b:att1="val"/>
</a:foo>

View File

@ -0,0 +1,3 @@
<foo xmlns:a="http://z3" xmlns:b="http://z2" a:att1="val1" b:att2="val2">
<bar xmlns="http://z0" xmlns:a="http://z2" a:att1="val1" b:att2="val2" xmlns:b="http://z3" />
</foo>

View File

@ -0,0 +1,4 @@
<a:foo xmlns:a="http://z3" xmlns:b="http://z2" b:att1="val1" c:att3="val3" b:att2="val2" xmlns:c="http://z1" xmlns:d="http://z0">
<c:bar/>
<c:bar d:att3="val3"/>
</a:foo>

View File

@ -0,0 +1,4 @@
<foo xmlns:a="http://z0" xmlns:b="http://z0" a:att1="val1" b:att2="val2" xmlns="http://z0">
<c:bar xmlns:a="http://z0" xmlns:c="http://z0" c:att3="val3"/>
<d:bar xmlns:d="http://z0"/>
</foo>

View File

@ -0,0 +1,3 @@
<foo xmlns="http://z0" xml:id="23">
<bar xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">data</bar>
</foo>

View File

@ -0,0 +1,6 @@
<?xml-stylesheet href="doc.xsl"
type="text/xsl" ?>
<doc>Hello, world!<!-- Comment 1 --></doc>
<?pi-without-data?>
<!-- Comment 2 -->
<!-- Comment 3 -->

View File

@ -0,0 +1,4 @@
<?xml-stylesheet href="doc.xsl"
type="text/xsl" ?>
<doc>Hello, world!</doc>
<?pi-without-data?>

View File

@ -0,0 +1,11 @@
<doc>
<clean> </clean>
<dirty> A B </dirty>
<mixed>
A
<clean> </clean>
B
<dirty> A B </dirty>
C
</mixed>
</doc>

View File

@ -0,0 +1 @@
<doc><clean></clean><dirty>A B</dirty><mixed>A<clean></clean>B<dirty>A B</dirty>C</mixed></doc>

View File

@ -0,0 +1,14 @@
<doc>
<e1></e1>
<e2></e2>
<e3 id="elem3" name="elem3"></e3>
<e4 id="elem4" name="elem4"></e4>
<e5 xmlns="http://example.org" xmlns:a="http://www.w3.org" xmlns:b="http://www.ietf.org" attr="I'm" attr2="all" b:attr="sorted" a:attr="out"></e5>
<e6>
<e7 xmlns="http://www.ietf.org">
<e8 xmlns="">
<e9 attr="default"></e9>
</e8>
</e7>
</e6>
</doc>

View File

@ -0,0 +1,14 @@
<n0:doc xmlns:n0="">
<n0:e1></n0:e1>
<n0:e2></n0:e2>
<n0:e3 id="elem3" name="elem3"></n0:e3>
<n0:e4 id="elem4" name="elem4"></n0:e4>
<n1:e5 xmlns:n1="http://example.org" xmlns:n2="http://www.ietf.org" xmlns:n3="http://www.w3.org" attr="I'm" attr2="all" n2:attr="sorted" n3:attr="out"></n1:e5>
<n0:e6>
<n2:e7 xmlns:n2="http://www.ietf.org">
<n0:e8>
<n0:e9 attr="default"></n0:e9>
</n0:e8>
</n2:e7>
</n0:e6>
</n0:doc>

View File

@ -0,0 +1 @@
<doc><e1></e1><e2></e2><e3 id="elem3" name="elem3"></e3><e4 id="elem4" name="elem4"></e4><e5 xmlns="http://example.org" xmlns:a="http://www.w3.org" xmlns:b="http://www.ietf.org" attr="I'm" attr2="all" b:attr="sorted" a:attr="out"></e5><e6><e7 xmlns="http://www.ietf.org"><e8 xmlns=""><e9 attr="default"></e9></e8></e7></e6></doc>

View File

@ -0,0 +1,10 @@
<doc>
<text>First line&#xD;
Second line</text>
<value>2</value>
<compute>value&gt;"0" &amp;&amp; value&lt;"10" ?"valid":"error"</compute>
<compute expr="value>&quot;0&quot; &amp;&amp; value&lt;&quot;10&quot; ?&quot;valid&quot;:&quot;error&quot;">valid</compute>
<norm attr=" ' &#xD;&#xA;&#x9; ' "></norm>
<normNames attr="A &#xD;&#xA;&#x9; B"></normNames>
<normId id="' &#xD;&#xA;&#x9; '"></normId>
</doc>

View File

@ -0,0 +1,2 @@
<doc><text>First line&#xD;
Second line</text><value>2</value><compute>value&gt;"0" &amp;&amp; value&lt;"10" ?"valid":"error"</compute><compute expr="value>&quot;0&quot; &amp;&amp; value&lt;&quot;10&quot; ?&quot;valid&quot;:&quot;error&quot;">valid</compute><norm attr=" ' &#xD;&#xA;&#x9; ' "></norm><normNames attr="A &#xD;&#xA;&#x9; B"></normNames><normId id="' &#xD;&#xA;&#x9; '"></normId></doc>

View File

@ -0,0 +1,3 @@
<doc attrExtEnt="entExt">
Hello, world!
</doc>

View File

@ -0,0 +1 @@
<doc attrExtEnt="entExt">Hello, world!</doc>

View File

@ -0,0 +1,4 @@
<a:foo xmlns:a="http://a">
<a:bar>xsd:string</a:bar>
<dsig2:IncludedXPath xmlns:dsig2="http://www.w3.org/2010/xmldsig2#">/soap-env:body/child::b:foo[@att1 != "c:val" and @att2 != 'xsd:string']</dsig2:IncludedXPath>
</a:foo>

View File

@ -0,0 +1,4 @@
<n0:foo xmlns:n0="http://a">
<n0:bar xmlns:n1="http://www.w3.org/2001/XMLSchema">n1:string</n0:bar>
<n4:IncludedXPath xmlns:n2="http://b" xmlns:n3="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:n4="http://www.w3.org/2010/xmldsig2#">/n3:body/child::n2:foo[@att1 != "c:val" and @att2 != 'xsd:string']</n4:IncludedXPath>
</n0:foo>

View File

@ -0,0 +1,4 @@
<a:foo xmlns:a="http://a">
<a:bar xmlns:xsd="http://www.w3.org/2001/XMLSchema">xsd:string</a:bar>
<dsig2:IncludedXPath xmlns:dsig2="http://www.w3.org/2010/xmldsig2#">/soap-env:body/child::b:foo[@att1 != "c:val" and @att2 != 'xsd:string']</dsig2:IncludedXPath>
</a:foo>

View File

@ -0,0 +1,4 @@
<a:foo xmlns:a="http://a">
<a:bar xmlns:xsd="http://www.w3.org/2001/XMLSchema">xsd:string</a:bar>
<dsig2:IncludedXPath xmlns:b="http://b" xmlns:dsig2="http://www.w3.org/2010/xmldsig2#" xmlns:soap-env="http://schemas.xmlsoap.org/wsdl/soap/">/soap-env:body/child::b:foo[@att1 != "c:val" and @att2 != 'xsd:string']</dsig2:IncludedXPath>
</a:foo>

View File

@ -0,0 +1,3 @@
<foo>
<b:bar xmlns:b="http://b" att2="val" b:att1="val"></b:bar>
</foo>

View File

@ -0,0 +1,3 @@
<n0:foo xmlns:n0="">
<n1:bar xmlns:n1="http://b" att2="val" n1:att1="val"></n1:bar>
</n0:foo>

View File

@ -0,0 +1,6 @@
<a:foo xmlns:a="http://a">
<b:bar xmlns:b="http://b"></b:bar>
<b:bar xmlns:b="http://b"></b:bar>
<b:bar xmlns:b="http://b"></b:bar>
<a:bar xmlns:b="http://b" b:att1="val"></a:bar>
</a:foo>

View File

@ -0,0 +1,6 @@
<n0:foo xmlns:n0="http://a">
<n1:bar xmlns:n1="http://b"></n1:bar>
<n1:bar xmlns:n1="http://b"></n1:bar>
<n1:bar xmlns:n1="http://b"></n1:bar>
<n0:bar xmlns:n1="http://b" n1:att1="val"></n0:bar>
</n0:foo>

View File

@ -0,0 +1,3 @@
<foo xmlns:a="http://z3" xmlns:b="http://z2" b:att2="val2" a:att1="val1">
<bar xmlns="http://z0" xmlns:a="http://z2" xmlns:b="http://z3" a:att1="val1" b:att2="val2"></bar>
</foo>

View File

@ -0,0 +1,3 @@
<n0:foo xmlns:n0="" xmlns:n1="http://z2" xmlns:n2="http://z3" n1:att2="val2" n2:att1="val1">
<n3:bar xmlns:n3="http://z0" n1:att1="val1" n2:att2="val2"></n3:bar>
</n0:foo>

View File

@ -0,0 +1,4 @@
<a:foo xmlns:a="http://z3" xmlns:b="http://z2" xmlns:c="http://z1" c:att3="val3" b:att1="val1" b:att2="val2">
<c:bar></c:bar>
<c:bar xmlns:d="http://z0" d:att3="val3"></c:bar>
</a:foo>

View File

@ -0,0 +1,4 @@
<n2:foo xmlns:n0="http://z1" xmlns:n1="http://z2" xmlns:n2="http://z3" n0:att3="val3" n1:att1="val1" n1:att2="val2">
<n0:bar></n0:bar>
<n0:bar xmlns:n3="http://z0" n3:att3="val3"></n0:bar>
</n2:foo>

View File

@ -0,0 +1,4 @@
<foo xmlns="http://z0" xmlns:a="http://z0" xmlns:b="http://z0" a:att1="val1" b:att2="val2">
<c:bar xmlns:c="http://z0" c:att3="val3"></c:bar>
<d:bar xmlns:d="http://z0"></d:bar>
</foo>

View File

@ -0,0 +1,4 @@
<n0:foo xmlns:n0="http://z0" n0:att1="val1" n0:att2="val2">
<n0:bar n0:att3="val3"></n0:bar>
<n0:bar></n0:bar>
</n0:foo>

View File

@ -0,0 +1,3 @@
<foo xmlns="http://z0" xml:id="23">
<bar xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">data</bar>
</foo>

View File

@ -0,0 +1,3 @@
<n0:foo xmlns:n0="http://z0" xml:id="23">
<n0:bar xmlns:n1="http://www.w3.org/2001/XMLSchema-instance" n1:type="xsd:string">data</n0:bar>
</n0:foo>

View File

@ -0,0 +1,3 @@
<n0:foo xmlns:n0="http://z0" xml:id="23">
<n0:bar xmlns:n1="http://www.w3.org/2001/XMLSchema" xmlns:n2="http://www.w3.org/2001/XMLSchema-instance" n2:type="n1:string">data</n0:bar>
</n0:foo>

View File

@ -0,0 +1,3 @@
<foo xmlns="http://z0" xml:id="23">
<bar xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">data</bar>
</foo>

View File

@ -0,0 +1,7 @@
<?pi data?>
<!-- comment -->
<root xmlns='namespace'>
<element key='value'>text</element>
<element>text</element>tail
<empty-element/>
</root>

View File

@ -0,0 +1,6 @@
<!-- comment -->
<root>
<element key='value'>text</element>
<element>text</element>tail
<empty-element/>
</root>

View File

@ -0,0 +1,115 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<HTML xmlns:pp="http://www.isogen.com/paul/post-processor">
<TITLE>Introduction to XSL</TITLE>
<H1>Introduction to XSL</H1>
<HR/>
<H2>Overview
</H2>
<UL>
<LI>1.Intro</LI>
<LI>2.History</LI>
<LI>3.XSL Basics</LI>
<LI>Lunch</LI>
<LI>4.An XML Data Model</LI>
<LI>5.XSL Patterns</LI>
<LI>6.XSL Templates</LI>
<LI>7.XSL Formatting Model
</LI>
</UL>
<HR/>
<H2>Intro</H2>
<UL>
<LI>Who am I?</LI>
<LI>Who are you?</LI>
<LI>Why are we here?
</LI>
</UL>
<HR/>
<H2>History: XML and SGML</H2>
<UL>
<LI>XML is a subset of SGML.</LI>
<LI>SGML allows the separation of abstract content from formatting.</LI>
<LI>Also one of XML's primary virtues (in the doc publishing domain).
</LI>
</UL>
<HR/>
<H2>History: What are stylesheets?</H2>
<UL>
<LI>Stylesheets specify the formatting of SGML/XML documents.</LI>
<LI>Stylesheets put the &quot;style&quot; back into documents.</LI>
<LI>New York Times content+NYT Stylesheet = NYT paper
</LI>
</UL>
<HR/>
<H2>History: FOSI</H2>
<UL>
<LI>FOSI: &quot;Formatted Output Specification Instance&quot;
<UL>
<LI>MIL-STD-28001
</LI>
<LI>FOSI's are SGML documents
</LI>
<LI>A stylesheet for another document
</LI>
</UL></LI>
<LI>Obsolete but implemented...
</LI>
</UL>
µ
</HTML>

View File

@ -7,3 +7,4 @@ fuzz_sre_match
fuzz_csv_reader fuzz_csv_reader
fuzz_struct_unpack fuzz_struct_unpack
fuzz_ast_literal_eval fuzz_ast_literal_eval
fuzz_elementtree_parsewhole

View File

@ -439,6 +439,68 @@ static int fuzz_ast_literal_eval(const char* data, size_t size) {
return 0; return 0;
} }
#define MAX_ELEMENTTREE_PARSEWHOLE_TEST_SIZE 0x100000
PyObject* xmlparser_type = NULL;
PyObject* bytesio_type = NULL;
/* Called by LLVMFuzzerTestOneInput for initialization */
static int init_elementtree_parsewhole(void) {
PyObject* elementtree_module = PyImport_ImportModule("_elementtree");
if (elementtree_module == NULL) {
return 0;
}
xmlparser_type = PyObject_GetAttrString(elementtree_module, "XMLParser");
Py_DECREF(elementtree_module);
if (xmlparser_type == NULL) {
return 0;
}
PyObject* io_module = PyImport_ImportModule("io");
if (io_module == NULL) {
return 0;
}
bytesio_type = PyObject_GetAttrString(io_module, "BytesIO");
Py_DECREF(io_module);
if (bytesio_type == NULL) {
return 0;
}
return 1;
}
/* Fuzz _elementtree.XMLParser._parse_whole(x) */
static int fuzz_elementtree_parsewhole(const char* data, size_t size) {
if (size > MAX_ELEMENTTREE_PARSEWHOLE_TEST_SIZE) {
return 0;
}
PyObject *input = PyObject_CallFunction(bytesio_type, "y#", data, (Py_ssize_t)size);
if (input == NULL) {
assert(PyErr_Occurred());
PyErr_Print();
abort();
}
PyObject *xmlparser_instance = PyObject_CallObject(xmlparser_type, NULL);
if (xmlparser_instance == NULL) {
assert(PyErr_Occurred());
PyErr_Print();
abort();
}
PyObject *result = PyObject_CallMethod(xmlparser_instance, "_parse_whole", "O", input);
if (result == NULL) {
/* Ignore exception here, which can be caused by invalid XML input */
PyErr_Clear();
} else {
Py_DECREF(result);
}
Py_DECREF(xmlparser_instance);
Py_DECREF(input);
return 0;
}
/* Run fuzzer and abort on failure. */ /* Run fuzzer and abort on failure. */
static int _run_fuzz(const uint8_t *data, size_t size, int(*fuzzer)(const char* , size_t)) { static int _run_fuzz(const uint8_t *data, size_t size, int(*fuzzer)(const char* , size_t)) {
int rv = fuzzer((const char*) data, size); int rv = fuzzer((const char*) data, size);
@ -569,6 +631,17 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
} }
rv |= _run_fuzz(data, size, fuzz_ast_literal_eval); rv |= _run_fuzz(data, size, fuzz_ast_literal_eval);
#endif
#if !defined(_Py_FUZZ_ONE) || defined(_Py_FUZZ_fuzz_elementtree_parsewhole)
static int ELEMENTTREE_PARSEWHOLE_INITIALIZED = 0;
if (!ELEMENTTREE_PARSEWHOLE_INITIALIZED && !init_elementtree_parsewhole()) {
PyErr_Print();
abort();
} else {
ELEMENTTREE_PARSEWHOLE_INITIALIZED = 1;
}
rv |= _run_fuzz(data, size, fuzz_elementtree_parsewhole);
#endif #endif
return rv; return rv;
} }

View File

@ -589,6 +589,7 @@ Modules/_xxtestfuzz/_xxtestfuzz.c - _fuzzmodule -
Modules/_xxtestfuzz/_xxtestfuzz.c - module_methods - Modules/_xxtestfuzz/_xxtestfuzz.c - module_methods -
Modules/_xxtestfuzz/fuzzer.c - RE_FLAG_DEBUG - Modules/_xxtestfuzz/fuzzer.c - RE_FLAG_DEBUG -
Modules/_xxtestfuzz/fuzzer.c - ast_literal_eval_method - Modules/_xxtestfuzz/fuzzer.c - ast_literal_eval_method -
Modules/_xxtestfuzz/fuzzer.c - bytesio_type -
Modules/_xxtestfuzz/fuzzer.c - compiled_patterns - Modules/_xxtestfuzz/fuzzer.c - compiled_patterns -
Modules/_xxtestfuzz/fuzzer.c - csv_error - Modules/_xxtestfuzz/fuzzer.c - csv_error -
Modules/_xxtestfuzz/fuzzer.c - csv_module - Modules/_xxtestfuzz/fuzzer.c - csv_module -
@ -598,12 +599,14 @@ Modules/_xxtestfuzz/fuzzer.c - re_compile_method -
Modules/_xxtestfuzz/fuzzer.c - re_error_exception - Modules/_xxtestfuzz/fuzzer.c - re_error_exception -
Modules/_xxtestfuzz/fuzzer.c - struct_error - Modules/_xxtestfuzz/fuzzer.c - struct_error -
Modules/_xxtestfuzz/fuzzer.c - struct_unpack_method - Modules/_xxtestfuzz/fuzzer.c - struct_unpack_method -
Modules/_xxtestfuzz/fuzzer.c - xmlparser_type -
Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput CSV_READER_INITIALIZED - Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput CSV_READER_INITIALIZED -
Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput JSON_LOADS_INITIALIZED - Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput JSON_LOADS_INITIALIZED -
Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput SRE_COMPILE_INITIALIZED - Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput SRE_COMPILE_INITIALIZED -
Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput SRE_MATCH_INITIALIZED - Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput SRE_MATCH_INITIALIZED -
Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput STRUCT_UNPACK_INITIALIZED - Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput STRUCT_UNPACK_INITIALIZED -
Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput AST_LITERAL_EVAL_INITIALIZED - Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput AST_LITERAL_EVAL_INITIALIZED -
Modules/_xxtestfuzz/fuzzer.c LLVMFuzzerTestOneInput ELEMENTTREE_PARSEWHOLE_INITIALIZED -
##----------------------- ##-----------------------
## the analyzer should have ignored these ## the analyzer should have ignored these

Can't render this file because it has a wrong number of fields in line 4.